Added SSH disable option. Added user addition feature. Rewritten user deletion logic

pull/2/head
Illia Chub 2021-06-21 10:17:02 +03:00
parent 1ceda086f5
commit d2716f5816
1 changed files with 44 additions and 8 deletions

52
main.py

@ -1,18 +1,26 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
from flask import Flask, jsonify, request, json from flask import Flask, jsonify, request, json
from flask_restful import Resource, Api, reqparse from flask_restful import Resource, Api, reqparse
from flask_socketio import SocketIO
import base64 import base64
import pandas as pd import pandas as pd
import ast import ast
import subprocess import subprocess
import os import os
import fileinput import fileinput
app = Flask(__name__) app = Flask(__name__)
api = Api(app) api = Api(app)
socketio = SocketIO(app)
@app.route("/systemVersion", methods=["GET"]) @app.route("/systemVersion", methods=["GET"])
def uname(): def uname():
uname = subprocess.check_output(["uname", "-arm"]) uname = subprocess.check_output(["uname", "-arm"])
return jsonify(uname) return jsonify(uname)
@app.route("/getDKIM", methods=["GET"]) @app.route("/getDKIM", methods=["GET"])
def getDkimKey(): def getDkimKey():
with open("/var/domain") as domainFile: with open("/var/domain") as domainFile:
@ -29,31 +37,42 @@ def getDkimKey():
mimetype='application/json' mimetype='application/json'
) )
return response return response
@app.route("/pythonVersion", methods=["GET"]) @app.route("/pythonVersion", methods=["GET"])
def getPythonVersion(): def getPythonVersion():
pythonVersion = subprocess.check_output(["python","--version"]) pythonVersion = subprocess.check_output(["python","--version"])
return jsonify(pythonVersion) return jsonify(pythonVersion)
@app.route("/apply", methods=["GET"]) @app.route("/apply", methods=["GET"])
def rebuildSystem(): def rebuildSystem():
rebuildResult = subprocess.Popen(["nixos-rebuild","switch"]) rebuildResult = subprocess.Popen(["nixos-rebuild","switch"])
rebuildResult.communicate()[0] rebuildResult.communicate()[0]
return jsonify(rebuildResult.returncode) return jsonify(rebuildResult.returncode)
@app.route("/rollback", methods=["GET"]) @app.route("/rollback", methods=["GET"])
def rollbackSystem(): def rollbackSystem():
rollbackResult = subprocess.Popen(["nixos-rebuild","switch","--rollback"]) rollbackResult = subprocess.Popen(["nixos-rebuild","switch","--rollback"])
rollbackResult.communicate()[0] rollbackResult.communicate()[0]
return jsonify(rollbackResult.returncode) return jsonify(rollbackResult.returncode)
@app.route("/upgrade", methods=["GET"]) @app.route("/upgrade", methods=["GET"])
def upgradeSystem(): def upgradeSystem():
upgradeResult = subprocess.Popen(["nixos-rebuild","switch","--upgrade"]) upgradeResult = subprocess.Popen(["nixos-rebuild","switch","--upgrade"])
upgradeResult.communicate()[0] upgradeResult.communicate()[0]
return jsonify(upgradeResult.returncode) return jsonify(upgradeResult.returncode)
@app.route("/createUser", methods=["POST"]) @app.route("/createUser", methods=["POST"])
def createUser(): def createUser():
readOnlyFileDescriptor = open("users.nix", "r") readOnlyFileDescriptor = open("users.nix", "r")
fileContent = list() fileContent = list()
index = int(0) index = int(0)
while True: while True:
line = readOnlyFileDescriptor.readline() line = readOnlyFileDescriptor.readline()
@ -62,30 +81,40 @@ def createUser():
else: else:
fileContent.append(line) fileContent.append(line)
userTemplate = """ userTemplate = """
#begin
\"{0}\" = {{ \"{0}\" = {{
isNormalUser = true; isNormalUser = true;
hashedPassword = \"{1}\"; hashedPassword = \"{1}\";
}};\n""".format(request.headers.get("X-User"), request.headers.get("X-Password")) }};
#end""".format(request.headers.get("X-User"), request.headers.get("X-Password"))
for line in fileContent: for line in fileContent:
index += 1 index += 1
if line.startswith(" #delimiter"): if line.startswith(" #begin"):
fileContent.insert(index, userTemplate) fileContent.insert(index, userTemplate)
readWriteFileDescriptor = open("users.nix", "w") readWriteFileDescriptor = open("users.nix", "w")
operationResult = readWriteFileDescriptor.writelines(fileContent) operationResult = readWriteFileDescriptor.writelines(fileContent)
return jsonify( return jsonify(
result=0 result=0,
descriptor = operationResult
) )
@app.route("/deleteUser", methods=["DELETE"]) @app.route("/deleteUser", methods=["DELETE"])
def deleteUser(): def deleteUser():
user = subprocess.Popen(["userdel",request.headers.get("X-User")]) user = subprocess.Popen(["userdel",request.headers.get("X-User")])
user.communicate()[0] user.communicate()[0]
return jsonify(user.returncode) return jsonify(user.returncode)
@app.route("/serviceStatus", methods=["GET"]) @app.route("/serviceStatus", methods=["GET"])
def getServiceStatus(): def getServiceStatus():
imapService = subprocess.Popen(["systemctl", "status", "dovecot2.service"]) imapService = subprocess.Popen(["systemctl", "status", "dovecot2.service"])
imapService.communicate()[0] imapService.communicate()[0]
@ -98,15 +127,23 @@ def getServiceStatus():
smtp=smtpService.returncode, smtp=smtpService.returncode,
http=httpService.returncode http=httpService.returncode
) )
@app.route("/decryptDisk", methods=["POST"]) @app.route("/decryptDisk", methods=["POST"])
def requestDiskDecryption(): def requestDiskDecryption():
decryptionService = subprocess.Popen(["echo", "-n", request.headers['X-Decryption-Key'], "|", "cryptsetup", "luksOpen", "/dev/sdb", "decryptedVar"], stdout=subprocess.PIPE, shell=False)
decryptionService.communicate()[0] decryptionCommand = '''
echo -n {0} | cryptsetup luksOpen /dev/sdb decryptedVar'''.format(request.headers.get("X-Decryption-Key"))
decryptionService = subprocess.Popen(decryptionCommand, shell=True, stdout=subprocess.PIPE)
decryptionService.communicate()
return jsonify( return jsonify(
status=decryptionService.returncode status=decryptionService.returncode
) )
@app.route("/enableSSH", methods=["POST"]) @app.route("/enableSSH", methods=["POST"])
def enableSSH(): def enableSSH():
readOnlyFileDescriptor = open("/etc/nixos/configuration.nix", "rt") readOnlyFileDescriptor = open("/etc/nixos/configuration.nix", "rt")
readWriteFileDescriptor = open("/etc/nixos/configuration.nix", "wt") readWriteFileDescriptor = open("/etc/nixos/configuration.nix", "wt")
@ -121,7 +158,6 @@ def enableSSH():
status=0 status=0
) )
if __name__ == '__main__': if __name__ == '__main__':
app.run(port=5050, debug=False) app.run(port=5050, debug=False)
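Review bot: In `requestDiskDecryption` the new code formats the `X-Decryption-Key` header into a command string and runs it with `shell=True`, so the header value is parsed by the shell (command injection) and the LUKS key ends up in the argument list of the spawned shell. Keep the argument list and pass the key on stdin instead: `decryptionService = subprocess.Popen(["cryptsetup", "luksOpen", "/dev/sdb", "decryptedVar"], stdin=subprocess.PIPE, stdout=subprocess.PIPE)` followed by `decryptionService.communicate(input=key.encode())`. Reject a missing header first, because `request.headers.get` returns `None` and the current code would format that as the string "None". The `createUser` hunk has the same class of problem: `X-User` and `X-Password` are interpolated into the Nix template without validation or escaping, so a quote in either value changes the structure of `users.nix`. None of the visible hunks shows an authentication check on these routes; if none exists outside the hunks, that needs adding before they are exposed.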